package com.catazzz.springbootstudy.controller;


import com.catazzz.springbootstudy.common.exception.Result;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * <p>
 * 系统用户表 前端控制器
 * </p>
 *
 * @author Tao
 * @since 2025-01-07
 */
@Slf4j
@RestController
@RequestMapping("/security")
@Api(tags = "权限控制")
public class SecurityController {

    /**
     * permitAll 权限
     *
     * @return Result
     */
    @ApiOperation(
            value = "permitAll 权限",
            response = String.class,
            httpMethod = "GET",
            produces = "application/json",
            consumes = "application/json",
            protocols = "http,https"
    )
    @GetMapping("/permitAll")
    public Result<String> permitAll() {
        return Result.success("permitAll");
    }

    /**
     * anonymous 权限
     *
     * @return Result
     */
    @ApiOperation(
            value = "anonymous 权限",
            response = String.class,
            httpMethod = "GET",
            produces = "application/json",
            consumes = "application/json",
            protocols = "http,https"
    )
    @GetMapping("/anonymous")
    public Result<String> anonymous() {
        return Result.success("anonymous");
    }

    /**
     * config 权限
     *
     * @return Result
     */
    @ApiOperation(
            value = "config 权限",
            response = String.class,
            httpMethod = "GET",
            produces = "application/json",
            consumes = "application/json",
            protocols = "http,https"
    )
    @GetMapping("/config")
    public Result<String> config() {
        return Result.success("config");
    }

    /**
     * secured 权限
     *
     * @return Result
     */
    @ApiOperation(
            value = "secured 权限",
            response = String.class,
            httpMethod = "GET",
            produces = "application/json",
            consumes = "application/json",
            protocols = "http,https"
    )
    @GetMapping("/secured")
    @Secured({"ROLE_secured"})
    public Result<String> secured() {
        return Result.success("secured");
    }

    /**
     * preAuthorize 权限
     *
     * @return Result <br><pre>
     *
     * PreAuthorize("hasAnyAuthority('PreAuthorize')") - 允许对PreAuthorize路径的请求，需要PreAuthorize权限
     */
    @ApiOperation(
            value = "preAuthorize 权限",
            response = String.class,
            httpMethod = "GET",
            produces = "application/json",
            consumes = "application/json",
            protocols = "http,https"
    )
    @GetMapping("/preAuthorize")
    @PreAuthorize("hasAnyAuthority('PreAuthorize')")
    public Result<String> preAuthorize() {
        return Result.success("preAuthorize");
    }
}
